Re: [PATCH net] xfrm: prevent some integer overflows in verify_ functions

From: Herbert Xu
Date: Tue Dec 17 2024 - 07:04:26 EST


On Tue, Dec 17, 2024 at 11:42:31AM +0300, Dan Carpenter wrote:
>
> + if (algp->alg_key_len > INT_MAX) {

Why not check for UINT_MAX - 7? INT_MAX seems a bit arbitrary.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt